Offices: Poland | Lithuania | Latvia | Estonia

+48 732 126 560

[email protected]

Menu

Estonian Gambling Licence and the FIU Contact Person (Compliance Officer)

In: AML Compliance, Estonian iGaming Compliance

Estonian Gambling Licence and the FIU Contact Person (Compliance Officer): What Every Operator Needs to Know

If your company holds an Estonian gambling activity licence – or is applying for one – you are an obliged entity under Estonian anti-money laundering law.

That brings with it a set of ongoing compliance obligations, one of which is increasingly in focus: the appointment of a qualified, Estonian-resident FIU Contact Person – also called a compliance officer or MLRO (Money Laundering Reporting Officer) in the official English translation of Estonian law and in international iGaming practice.

Complium provides this service on an outsourced basis, so you can stay compliant without building a local compliance function from scratch.

A Note on Terminology: Contact Person, Compliance Officer, and MLRO

Before diving into the obligations, a terminology point that frequently causes confusion for non-Estonian operators is worth clarifying.

In the Estonian version of the Money Laundering and Terrorist Financing Prevention Act (Rahapesu ja terrorismi rahastamise tõkestamise seadus, MLTFPA), the relevant function is called the “kontaktisik” – literally: contact person. This is the official legal term in the Estonian-language statute.

In the official English translation of the same Act published on Riigi Teataja (the Estonian State Gazette), section 17 is titled “Appointment of management board member in charge and compliance officer.” The English translation uses “compliance officer” to describe the same function.

In practice, both terms describe the same role.

In the broader international iGaming compliance world, this function is most commonly called the MLRO – Money Laundering Reporting Officer. Whether you encounter kontaktisik, compliance officer, or MLRO in the context of Estonian gambling licensing and AML compliance, the legal basis, the qualifications required, and the practical responsibilities are the same.

Throughout this article we use all three terms interchangeably.

Legal references: MLTFPA (Estonian text, latest consolidated version): https://www.riigiteataja.ee/akt/113022026013?leiaKehtiv | Official English translation: https://www.riigiteataja.ee/en/eli/ee/517112017003/consolide/current

The Legal Framework: Why a Compliance Officer / MLRO Is Required

Gambling operators licensed in Estonia operate under two primary regulatory frameworks. The Estonian Tax and Customs Board (EMTA) oversees gambling licensing and operational compliance under the Gambling Act (Hasartmänguseadus). The Estonian Financial Intelligence Unit (FIU, Rahapesu Andmebüroo) supervises compliance with AML/CFT obligations under the MLTFPA.

As a holder of an Estonian gambling activity licence, your company is classified as an obliged entity under MLTFPA section 2(1)(3). The full weight of Estonian AML/CFT obligations applies to your business – regardless of where your company is incorporated or where your operational team is based.

MLTFPA section 17(3) – the compliance officer / kontaktisik obligation (official English translation): “An obliged entity may appoint a person responsible for organising prevention of money laundering and terrorist financing and as its contact person with the Financial Intelligence Unit. The contact person must permanently reside in Estonia and have a good business reputation.”

While the statute uses permissive language (“may appoint”), the practical enforcement reality has shifted. The FIU conducts its correspondence exclusively in the Estonian language and expects licensed operators to have a responsive, Estonian-speaking compliance officer or MLRO available. Operators without a registered contact person face delays in FIU communications, risk regulatory findings, and – as the FIU has demonstrated through enforcement actions – administrative fines for non-responsive obliged entities.

A Practical Challenge for Non-Estonian Operators

For operators incorporated in Malta or other EU/EEA member states who hold an Estonian remote gambling operating permit, this creates a structural challenge. Your AML team and MLRO may be based outside Estonia. Your legal counsel may be elsewhere. But the FIU will write to you in Estonian and expects a response in Estonian, from a compliance officer physically present in Estonia.

Estonia’s Gambling Act explicitly permits companies incorporated in other EU/EEA member states to apply for and hold an Estonian gambling activity licence directly, without setting up a local Estonian entity. This means a significant share of licence holders have no Estonian presence at all – making the compliance officer requirement particularly acute.

Key Practical Risk: Failure to respond to an FIU inquiry within the prescribed timeframe – even if the delay is caused by language barriers – can constitute a breach of MLTFPA obligations and trigger supervisory proceedings. The FIU has issued fines to operators where no responsive local compliance officer or MLRO was available.

Who Needs a FIU Compliance Officer / MLRO?

Every company holding, or applying for, an Estonian gambling activity licence issued by EMTA is an obliged entity under MLTFPA section 2(1)(3). This includes operators holding licences for:

  • Games of chance (online casino, poker tournaments) – minimum share capital EUR 1,000,000
  • Toto / sports betting – minimum share capital EUR 130,000
  • Games of skill with monetary prizes

The current list of licensed gambling operators in Estonia is publicly available on the EMTA website. If your company appears on that list, or is in the process of applying, the FIU compliance officer obligation is relevant to you now – not only once you are operational.

What the Law Says the Compliance Officer Must Do

Section 17 of the MLTFPA sets out the specific duties of the compliance officer / kontaktisik. The five core obligations under the law are as follows:

1. Organise the prevention of money laundering and terrorist financing within the company.

The compliance officer is responsible for ensuring the company has functioning AML/CFT arrangements in place. This does not mean they personally run the compliance programme – rather, they oversee that the obligation is being met and escalate where it is not.

2. Act as the company’s registered contact person with the FIU (Rahapesu Andmebüroo).

The compliance officer is the formal registered point of contact between the company and the Estonian Financial Intelligence Unit. All official FIU correspondence is directed to and handled by this person. Since the FIU operates exclusively in Estonian, Estonian residency and language proficiency are essential.

3. Collect and analyse information on unusual transactions or circumstances arising from the company’s activities.

Where the company’s internal AML team identifies unusual or potentially suspicious activity, that information flows to the compliance officer. The compliance officer reviews it in the context of the FIU reporting obligation – they do not independently investigate customers, but they assess what has been presented to them and decide, together with the internal team, whether FIU reporting is warranted.

4. Transmit information to the FIU on suspicion of money laundering or terrorist financing.

This is the core reporting function – filing suspicious transaction reports (STRs) and international sanctions reports (ISRs) with the FIU via the RABIS reporting portal. The compliance officer reviews the completeness of reports prepared by the internal team and, where satisfied, submits them to the FIU. The MLTFPA imposes strict deadlines on these submissions.

5. Fulfil all other obligations of the contact person arising from the MLTFPA.

This includes responding to FIU requests for information, cooperating with supervisory inspections, and monitoring developments in Estonian AML/CFT law and FIU guidance that may affect the company’s compliance obligations.

The compliance officer must be permanently resident in Estonia and possess the knowledge and professional standing required under MLTFPA section 17(4). They must be registered with the FIU and their details kept current.

Complium’s Outsourced FIU Compliance Officer Service

Complium provides an outsourced FIU compliance officer (kontaktisik / MLRO) for licensed gambling operators. Our contact person handles your FIU correspondence, coordinates with your internal compliance team, and keeps you informed of regulatory changes affecting your licence.

The service is structured as a B2B engagement. Your substantive AML/CFT obligations remain entirely with your own team. Where preferred, the Contact Person can also be employed directly by your company, with Complium continuing to provide ongoing compliance support. Both structures are fully documented and contractually protected.

What is included

  • Qualified Estonian-resident FIU compliance officer / MLRO, available for FIU registration immediately
  • Receipt and forwarding of all FIU correspondence in Estonian
  • Coordination of STR and ISR filings with your internal AML team and submission to the FIU via the RABIS portal
  • Monitoring of MLTFPA, ISA, and FIU guidance developments with regular updates to your team
  • Backup and substitute coverage in cases of unavailability
  • Flexible engagement structure: B2B outsourcing or transition to direct employment of the compliance officer by your company

Why Act Now

A significant share of licensed Estonian gambling operators are companies incorporated in Malta and other EU/EEA jurisdictions, operating without an established Estonian compliance presence. As the FIU’s supervisory activity increases and its expectations of licensed operators become more explicit, the window for arranging a compliant MLRO on your own terms – rather than in response to a regulatory inquiry – is narrowing.

Complium can typically have a qualified FIU compliance officer ready for FIU registration within approximately two weeks of engagement. Our service agreement includes a clear fee structure, a defined and legally precise scope of services, and the contractual protections both parties need.

Contact Complium
Reach out to discuss your situation and receive a service proposal tailored to your licence type and operational structure.

Legal References

Money Laundering and Terrorist Financing Prevention Act (MLTFPA) – section 2(1)(3) definition of obliged entities; section 17(3)-(4) appointment, qualifications and duties of the compliance officer / contact person.

Estonian text (latest consolidated version): https://www.riigiteataja.ee/akt/113022026013?leiaKehtiv

Official English translation: https://www.riigiteataja.ee/en/eli/ee/517112017003/consolide/current

Gambling Act (Hasartmanguseadus) – licensing framework for gambling operators in Estonia.

International Sanctions Act (Rahvusvaheliste sanktsioonide seadus) – parallel reporting obligations applicable to licensed operators.

EMTA list of licensed gambling operators: https://www.emta.ee/en/business-client/registration-business/gambling-operators/list-legal-gambling-operators

This article is provided for informational purposes only and does not constitute legal advice.

We deliver expert AML compliance, fintech licensing, and corporate solutions across Europe.